Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(684)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/extension_permission_set_unittest.cc

Issue 7003098: Start refractoring extension permissions into ExtensionPermissionSet. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fix a bad merge Created 9 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/common/extensions/extension_permission_set.cc ('K') | « chrome/common/extensions/extension_permission_set.cc ('k') | chrome/common/extensions/extension_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/extension_permission_set.h"
6
7 #include "base/logging.h"
8 #include "base/path_service.h"
9 #include "base/utf_string_conversions.h"
10 #include "chrome/common/chrome_paths.h"
11 #include "chrome/common/extensions/extension.h"
12 #include "content/common/json_value_serializer.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14
15 namespace {
16
17 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
18 const std::string& test_file,
19 int extra_flags) {
20 FilePath path;
21 PathService::Get(chrome::DIR_TEST_DATA, &path);
22 path = path.AppendASCII("extensions")
23 .AppendASCII(dir)
24 .AppendASCII(test_file);
25
26 JSONFileValueSerializer serializer(path);
27 std::string error;
28 scoped_ptr<Value> result(serializer.Deserialize(NULL, &error));
29 if (!result.get()) {
30 EXPECT_EQ("", error);
31 return NULL;
32 }
33
34 scoped_refptr<Extension> extension = Extension::Create(
35 path.DirName(), Extension::INVALID,
36 *static_cast<DictionaryValue*>(result.get()),
37 Extension::STRICT_ERROR_CHECKS | extra_flags, &error);
38 EXPECT_TRUE(extension) << error;
39 return extension;
40 }
41
42 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
43 const std::string& test_file) {
44 return LoadManifest(dir, test_file, Extension::NO_FLAGS);
45 }
46
47 void CompareLists(const std::vector<std::string>& expected,
48 const std::vector<std::string>& actual) {
49 ASSERT_EQ(expected.size(), actual.size());
50
51 for (size_t i = 0; i < expected.size(); ++i) {
52 EXPECT_EQ(expected[i], actual[i]);
53 }
54 }
55
56 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
57 int schemes = URLPattern::SCHEME_ALL;
58 extent->AddPattern(URLPattern(schemes, pattern));
59 }
60
61 static void AssertEqualExtents(const URLPatternSet& extent1,
62 const URLPatternSet& extent2) {
63 URLPatternList patterns1 = extent1.patterns();
64 URLPatternList patterns2 = extent2.patterns();
65 std::set<std::string> strings1;
66 EXPECT_EQ(patterns1.size(), patterns2.size());
67
68 for (size_t i = 0; i < patterns1.size(); ++i)
69 strings1.insert(patterns1.at(i).GetAsString());
70
71 std::set<std::string> strings2;
72 for (size_t i = 0; i < patterns2.size(); ++i)
73 strings2.insert(patterns2.at(i).GetAsString());
74
75 EXPECT_EQ(strings1, strings2);
76 }
77
78 } // namespace
79
80 class ExtensionAPIPermissionTest : public testing::Test {
81 };
82
83 class ExtensionPermissionSetTest : public testing::Test {
84 };
85
86 // Tests that GetByName works with normal permission names and aliases.
87 TEST(ExtensionAPIPermissionTest, GetByName) {
88 EXPECT_EQ(ExtensionAPIPermission::Tab(),
89 *ExtensionAPIPermission::GetByName("tabs"));
90 EXPECT_EQ(ExtensionAPIPermission::Management(),
91 *ExtensionAPIPermission::GetByName("management"));
92 EXPECT_FALSE(ExtensionAPIPermission::GetByName("alsdkfjasldkfj"));
93 }
94
95 // Tests that the aliases are properly mapped.
96 TEST(ExtensionAPIPermissionTest, Aliases) {
97 // tabs: tabs, windows
98 std::string tabs_name = "tabs";
99 EXPECT_EQ(tabs_name, ExtensionAPIPermission::Tab().name());
100 EXPECT_EQ(ExtensionAPIPermission::Tab(),
101 *ExtensionAPIPermission::GetByName("tabs"));
102 EXPECT_EQ(ExtensionAPIPermission::Tab(),
103 *ExtensionAPIPermission::GetByName("windows"));
104
105 // unlimitedStorage: unlimitedStorage, unlimited_storage
106 std::string storage_name = "unlimitedStorage";
107 EXPECT_EQ(storage_name,
108 ExtensionAPIPermission::UnlimitedStorage().name());
109 EXPECT_EQ(ExtensionAPIPermission::UnlimitedStorage(),
110 *ExtensionAPIPermission::GetByName("unlimitedStorage"));
111 EXPECT_EQ(ExtensionAPIPermission::UnlimitedStorage(),
112 *ExtensionAPIPermission::GetByName("unlimited_storage"));
113 }
114
115 TEST(ExtensionAPIPermissionTest, HostedAppPermissions) {
116 std::set<ExtensionAPIPermission> hosted_perms;
117 hosted_perms.insert(ExtensionAPIPermission::Background());
118 hosted_perms.insert(ExtensionAPIPermission::ClipboardRead());
119 hosted_perms.insert(ExtensionAPIPermission::ClipboardWrite());
120 hosted_perms.insert(ExtensionAPIPermission::ChromePrivate());
121 hosted_perms.insert(ExtensionAPIPermission::Experimental());
122 hosted_perms.insert(ExtensionAPIPermission::Geolocation());
123 hosted_perms.insert(ExtensionAPIPermission::Notification());
124 hosted_perms.insert(ExtensionAPIPermission::UnlimitedStorage());
125 hosted_perms.insert(ExtensionAPIPermission::WebstorePrivate());
126
127 std::set<ExtensionAPIPermission> perms = ExtensionAPIPermission::GetAll();
128 size_t count = 0;
129 for (std::set<ExtensionAPIPermission>::iterator i = perms.begin();
130 i != perms.end(); ++i) {
131 count += hosted_perms.count(*i);
132 EXPECT_EQ(hosted_perms.count(*i), i->is_hosted_app());
133 }
134
135 EXPECT_EQ((size_t)9, count);
136 EXPECT_EQ((size_t)9, ExtensionAPIPermission::hosted_app_permission_count());
137 }
138
139 TEST(ExtensionAPIPermissionTest, ComponentOnlyPermissions) {
140 std::set<ExtensionAPIPermission> private_perms;
141 private_perms.insert(ExtensionAPIPermission::ChromeosInfoPrivate());
142 private_perms.insert(ExtensionAPIPermission::FileBrowserPrivate());
143 private_perms.insert(ExtensionAPIPermission::MediaPlayerPrivate());
144 private_perms.insert(ExtensionAPIPermission::WebstorePrivate());
145
146 std::set<ExtensionAPIPermission> perms = ExtensionAPIPermission::GetAll();
147 int count = 0;
148 for (std::set<ExtensionAPIPermission>::iterator i = perms.begin();
149 i != perms.end(); ++i) {
150 count += private_perms.count(*i);
151 EXPECT_EQ(private_perms.count(*i), i->is_component_only());
152 }
153
154 EXPECT_EQ(4, count);
155 }
156
157 TEST(ExtensionPermissionSetTest, EffectiveHostPermissions) {
158 scoped_refptr<Extension> extension;
159 ExtensionPermissionSet permissions;
160
161 extension = LoadManifest("effective_host_permissions", "empty.json");
162 permissions = extension->permission_set();
163 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size());
164 EXPECT_FALSE(permissions.HasAccessToHost(GURL("http://www.google.com")));
165 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
166
167 extension = LoadManifest("effective_host_permissions", "one_host.json");
168 permissions = extension->permission_set();
169 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.google.com")));
170 EXPECT_FALSE(permissions.HasAccessToHost(GURL("https://www.google.com")));
171 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
172
173 extension = LoadManifest("effective_host_permissions",
174 "one_host_wildcard.json");
175 permissions = extension->permission_set();
176 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://google.com")));
177 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://foo.google.com")));
178 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
179
180 extension = LoadManifest("effective_host_permissions", "two_hosts.json");
181 permissions = extension->permission_set();
182 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.google.com")));
183 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.reddit.com")));
184 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
185
186 extension = LoadManifest("effective_host_permissions",
187 "https_not_considered.json");
188 permissions = extension->permission_set();
189 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://google.com")));
190 EXPECT_TRUE(permissions.HasAccessToHost(GURL("https://google.com")));
191 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
192
193 extension = LoadManifest("effective_host_permissions",
194 "two_content_scripts.json");
195 permissions = extension->permission_set();
196 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://google.com")));
197 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.reddit.com")));
198 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://news.ycombinator.com")));
199 EXPECT_FALSE(permissions.HasEffectiveAccessToAllHosts());
200
201 extension = LoadManifest("effective_host_permissions", "all_hosts.json");
202 permissions = extension->permission_set();
203 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://test/")));
204 EXPECT_FALSE(permissions.HasAccessToHost(GURL("https://test/")));
205 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.google.com")));
206 EXPECT_TRUE(permissions.HasEffectiveAccessToAllHosts());
207
208 extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
209 permissions = extension->permission_set();
210 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://test/")));
211 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.google.com")));
212 EXPECT_TRUE(permissions.HasEffectiveAccessToAllHosts());
213
214 extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
215 permissions = extension->permission_set();
216 EXPECT_FALSE(permissions.HasAccessToHost(GURL("http://test/")));
217 EXPECT_TRUE(permissions.HasAccessToHost(GURL("https://test/")));
218 EXPECT_TRUE(permissions.HasAccessToHost(GURL("http://www.google.com")));
219 EXPECT_TRUE(permissions.HasEffectiveAccessToAllHosts());
220 }
221
222 TEST(ExtensionPermissionSetTest, CreateUnion) {
223 std::set<ExtensionAPIPermission> apis1;
224 std::set<ExtensionAPIPermission> apis2;
225 std::set<ExtensionAPIPermission> expected_apis;
226
227 URLPatternSet hosts1;
228 URLPatternSet hosts2;
229 URLPatternSet expected_hosts;
230
231 bool native_code1 = false;
232 bool native_code2 = false;
233 bool expected_native_code = false;
234
235 scoped_ptr<ExtensionPermissionSet> set1;
236 scoped_ptr<ExtensionPermissionSet> set2;
237 scoped_ptr<ExtensionPermissionSet> union_set;
238
239 // Union with an empty set.
240 apis1.insert(ExtensionAPIPermission::Tab());
241 apis1.insert(ExtensionAPIPermission::Background());
242 expected_apis.insert(ExtensionAPIPermission::Tab());
243 expected_apis.insert(ExtensionAPIPermission::Background());
244
245 AddPattern(&hosts1, "http://*.google.com/*");
246 AddPattern(&expected_hosts, "http://*.google.com/*");
247
248 set1.reset(new ExtensionPermissionSet(native_code1, apis1, hosts1));
249 set2.reset(new ExtensionPermissionSet(native_code2, apis2, hosts2));
250 union_set.reset(ExtensionPermissionSet::CreateUnion(*set1, *set2));
251
252 EXPECT_EQ(expected_native_code, union_set->native_code());
253 EXPECT_EQ(expected_apis, union_set->apis());
254 AssertEqualExtents(expected_hosts, union_set->effective_hosts());
255
256 // Now use a real second set.
257 apis2.insert(ExtensionAPIPermission::Tab());
258 apis2.insert(ExtensionAPIPermission::Proxy());
259 apis2.insert(ExtensionAPIPermission::ClipboardWrite());
260 expected_apis.insert(ExtensionAPIPermission::Tab());
261 expected_apis.insert(ExtensionAPIPermission::Proxy());
262 expected_apis.insert(ExtensionAPIPermission::ClipboardWrite());
263
264 AddPattern(&hosts2, "http://*.example.com/*");
265 AddPattern(&hosts2, "http://*.google.com/*");
266 AddPattern(&expected_hosts, "http://*.example.com/*");
267
268 native_code2 = true;
269 expected_native_code = true;
270
271 set2.reset(new ExtensionPermissionSet(native_code2, apis2, hosts2));
272 union_set.reset(ExtensionPermissionSet::CreateUnion(*set1, *set2));
273 EXPECT_EQ(expected_native_code, union_set->native_code());
274 EXPECT_EQ(expected_apis, union_set->apis());
275 AssertEqualExtents(expected_hosts, union_set->effective_hosts());
276 }
277
278 TEST(ExtensionPermissionSetTest, HasLessPrivilegesThan) {
279 const struct {
280 const char* base_name;
281 // Increase these sizes if you have more than 10.
282 const char* granted_apis[10];
283 const char* granted_hosts[10];
284 bool full_access;
285 bool expect_increase;
286 } kTests[] = {
287 { "allhosts1", {NULL}, {"http://*/", NULL}, false,
288 false }, // all -> all
289 { "allhosts2", {NULL}, {"http://*/", NULL}, false,
290 false }, // all -> one
291 { "allhosts3", {NULL}, {NULL}, false, true }, // one -> all
292 { "hosts1", {NULL},
293 {"http://www.google.com/", "http://www.reddit.com/", NULL}, false,
294 false }, // http://a,http://b -> http://a,http://b
295 { "hosts2", {NULL},
296 {"http://www.google.com/", "http://www.reddit.com/", NULL}, false,
297 true }, // http://a,http://b -> https://a,http://*.b
298 { "hosts3", {NULL},
299 {"http://www.google.com/", "http://www.reddit.com/", NULL}, false,
300 false }, // http://a,http://b -> http://a
301 { "hosts4", {NULL},
302 {"http://www.google.com/", NULL}, false,
303 true }, // http://a -> http://a,http://b
304 { "hosts5", {"tabs", "notifications", NULL},
305 {"http://*.example.com/", "http://*.example.com/*",
306 "http://*.example.co.uk/*", "http://*.example.com.au/*",
307 NULL}, false,
308 false }, // http://a,b,c -> http://a,b,c + https://a,b,c
309 { "hosts6", {"tabs", "notifications", NULL},
310 {"http://*.example.com/", "http://*.example.com/*", NULL}, false,
311 false }, // http://a.com -> http://a.com + http://a.co.uk
312 { "permissions1", {"tabs", NULL},
313 {NULL}, false, false }, // tabs -> tabs
314 { "permissions2", {"tabs", NULL},
315 {NULL}, false, true }, // tabs -> tabs,bookmarks
316 { "permissions3", {NULL},
317 {"http://*/*", NULL},
318 false, true }, // http://a -> http://a,tabs
319 { "permissions5", {"bookmarks", NULL},
320 {NULL}, false, true }, // bookmarks -> bookmarks,history
321 #if !defined(OS_CHROMEOS) // plugins aren't allowed in ChromeOS
322 { "permissions4", {NULL},
323 {NULL}, true, false }, // plugin -> plugin,tabs
324 { "plugin1", {NULL},
325 {NULL}, true, false }, // plugin -> plugin
326 { "plugin2", {NULL},
327 {NULL}, true, false }, // plugin -> none
328 { "plugin3", {NULL},
329 {NULL}, false, true }, // none -> plugin
330 #endif
331 { "storage", {NULL},
332 {NULL}, false, false }, // none -> storage
333 { "notifications", {NULL},
334 {NULL}, false, false } // none -> notifications
335 };
336
337 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) {
338 scoped_refptr<Extension> old_extension(
339 LoadManifest("allow_silent_upgrade",
340 std::string(kTests[i].base_name) + "_old.json"));
341 scoped_refptr<Extension> new_extension(
342 LoadManifest("allow_silent_upgrade",
343 std::string(kTests[i].base_name) + "_new.json"));
344
345 std::set<ExtensionAPIPermission> granted_apis;
346 for (size_t j = 0; kTests[i].granted_apis[j] != NULL; ++j) {
347 granted_apis.insert(
348 *ExtensionAPIPermission::GetByName(kTests[i].granted_apis[j]));
349 }
350
351 URLPatternSet granted_hosts;
352 for (size_t j = 0; kTests[i].granted_hosts[j] != NULL; ++j)
353 AddPattern(&granted_hosts, kTests[i].granted_hosts[j]);
354
355 EXPECT_TRUE(new_extension.get()) << kTests[i].base_name << "_new.json";
356 if (!new_extension.get())
357 continue;
358
359 ExtensionPermissionSet old_p = old_extension->permission_set();
360 ExtensionPermissionSet new_p = new_extension->permission_set();
361
362 EXPECT_EQ(kTests[i].expect_increase, old_p.HasLessPrivilegesThan(new_p))
363 << kTests[i].base_name;
364 }
365 }
366
367 TEST(ExtensionPermissionSetTest, PermissionMessages) {
368 // Ensure that all permissions that needs to show install UI actually have
369 // strings associated with them.
370 std::set<ExtensionAPIPermission> skip;
371
372 // These are considered "nuisance" or "trivial" permissions that don't need
373 // a prompt.
374 skip.insert(ExtensionAPIPermission::ContextMenus());
375 skip.insert(ExtensionAPIPermission::Idle());
376 skip.insert(ExtensionAPIPermission::Notification());
377 skip.insert(ExtensionAPIPermission::UnlimitedStorage());
378 skip.insert(ExtensionAPIPermission::ContentSettings());
379
380 // TODO(erikkay) add a string for this permission.
381 skip.insert(ExtensionAPIPermission::Background());
382
383 skip.insert(ExtensionAPIPermission::ClipboardWrite());
384
385 // The cookie permission does nothing unless you have associated host
386 // permissions.
387 skip.insert(ExtensionAPIPermission::Cookie());
388
389 // The proxy permission is warned as part of host permission checks.
390 skip.insert(ExtensionAPIPermission::Proxy());
391
392 // This permission requires explicit user action (context menu handler)
393 // so we won't prompt for it for now.
394 skip.insert(ExtensionAPIPermission::FileBrowserHandler());
395
396 // If you've turned on the experimental command-line flag, we don't need
397 // to warn you further.
398 skip.insert(ExtensionAPIPermission::Experimental());
399
400 // These are private.
401 skip.insert(ExtensionAPIPermission::WebstorePrivate());
402 skip.insert(ExtensionAPIPermission::FileBrowserPrivate());
403 skip.insert(ExtensionAPIPermission::MediaPlayerPrivate());
404 skip.insert(ExtensionAPIPermission::ChromePrivate());
405 skip.insert(ExtensionAPIPermission::ChromeosInfoPrivate());
406 skip.insert(ExtensionAPIPermission::WebSocketProxyPrivate());
407
408 std::set<ExtensionAPIPermission> permissions =
409 ExtensionAPIPermission::GetAll();
410
411 const ExtensionPermissionMessage::MessageId ID_NONE =
412 ExtensionPermissionMessage::ID_NONE;
413
414 for (std::set<ExtensionAPIPermission>::const_iterator i = permissions.begin();
415 i != permissions.end(); ++i) {
416 ExtensionAPIPermission permission = *i;
417 if (skip.count(permission)) {
418 EXPECT_EQ(ID_NONE, permission.message_id())
419 << "unexpected message_id for " << permission.name();
420 } else {
421 EXPECT_NE(ID_NONE, permission.message_id())
422 << "missing message_id for " << permission.name();
423 }
424 }
425 }
426
427 // Tests the default permissions (empty API permission set).
428 TEST(ExtensionPermissionSetTest, DefaultFunctionAccess) {
429 const struct {
430 const char* permission_name;
431 bool expect_success;
432 } kTests[] = {
433 // Negative test.
434 { "non_existing_permission", false },
435 // Test default module/package permission.
436 { "browserAction", true },
437 { "browserActions", true },
438 { "devtools", true },
439 { "extension", true },
440 { "i18n", true },
441 { "pageAction", true },
442 { "pageActions", true },
443 { "test", true },
444 // Some negative tests.
445 { "bookmarks", false },
446 { "cookies", false },
447 { "history", false },
448 { "tabs.onUpdated", false },
449 // Make sure we find the module name after stripping '.' and '/'.
450 { "browserAction/abcd/onClick", true },
451 { "browserAction.abcd.onClick", true },
452 // Test Tabs functions.
453 { "tabs.create", true},
454 { "tabs.update", true},
455 { "tabs.getSelected", false},
456 };
457
458 ExtensionPermissionSet permissions(
459 false, std::set<ExtensionAPIPermission>(), URLPatternSet());
460 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) {
461 EXPECT_EQ(kTests[i].expect_success,
462 permissions.HasAccessToFunction(kTests[i].permission_name));
463 }
464 }
465
466 TEST(ExtensionPermissionSetTest, GetWarningMessages_ManyHosts) {
467 scoped_refptr<Extension> extension;
468
469 extension = LoadManifest("permissions", "many-hosts.json");
470 std::vector<string16> warnings =
471 extension->permission_set().GetWarningMessages();
472 ASSERT_EQ(1u, warnings.size());
473 EXPECT_EQ("Your data on www.google.com and encrypted.google.com",
474 UTF16ToUTF8(warnings[0]));
475 }
476
477 TEST(ExtensionPermissionSetTest, GetWarningMessages_Plugins) {
478 scoped_refptr<Extension> extension;
479 scoped_ptr<ExtensionPermissionSet> permissions;
480
481 extension = LoadManifest("permissions", "plugins.json");
482 std::vector<string16> warnings =
483 extension->permission_set().GetWarningMessages();
484 // We don't parse the plugins key on Chrome OS, so it should not ask for any
485 // permissions.
486 #if defined(OS_CHROMEOS)
487 ASSERT_EQ(0u, warnings.size());
488 #else
489 ASSERT_EQ(1u, warnings.size());
490 EXPECT_EQ("All data on your computer and the websites you visit",
491 UTF16ToUTF8(warnings[0]));
492 #endif
493 }
494
495 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay) {
496 scoped_ptr<ExtensionPermissionSet> perm_set;
497 std::set<ExtensionAPIPermission> empty_perms;
498 std::vector<std::string> expected;
499 expected.push_back("www.foo.com");
500 expected.push_back("www.bar.com");
501 expected.push_back("www.baz.com");
502 URLPatternSet actual;
503
504 {
505 SCOPED_TRACE("no dupes");
506
507 // Simple list with no dupes.
508 actual.AddPattern(
509 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
510 actual.AddPattern(
511 URLPattern(URLPattern::SCHEME_HTTP, "http://www.bar.com/path"));
512 actual.AddPattern(
513 URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
514 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
515 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
516 }
517
518 {
519 SCOPED_TRACE("two dupes");
520
521 // Add some dupes.
522 actual.AddPattern(
523 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
524 actual.AddPattern(
525 URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
526 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
527 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
528 }
529
530 {
531 SCOPED_TRACE("schemes differ");
532
533 // Add a pattern that differs only by scheme. This should be filtered out.
534 actual.AddPattern(
535 URLPattern(URLPattern::SCHEME_HTTPS, "https://www.bar.com/path"));
536 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
537 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
538 }
539
540 {
541 SCOPED_TRACE("paths differ");
542
543 // Add some dupes by path.
544 actual.AddPattern(
545 URLPattern(URLPattern::SCHEME_HTTP, "http://www.bar.com/pathypath"));
546 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
547 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
548 }
549
550 {
551 SCOPED_TRACE("subdomains differ");
552
553 // We don't do anything special for subdomains.
554 actual.AddPattern(
555 URLPattern(URLPattern::SCHEME_HTTP, "http://monkey.www.bar.com/path"));
556 actual.AddPattern(
557 URLPattern(URLPattern::SCHEME_HTTP, "http://bar.com/path"));
558
559 expected.push_back("monkey.www.bar.com");
560 expected.push_back("bar.com");
561
562 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
563 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
564 }
565
566 {
567 SCOPED_TRACE("RCDs differ");
568
569 // Now test for RCD uniquing.
570 actual.AddPattern(
571 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
572 actual.AddPattern(
573 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
574 actual.AddPattern(
575 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.de/path"));
576 actual.AddPattern(
577 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca.us/path"));
578 actual.AddPattern(
579 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
580 actual.AddPattern(
581 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com.my/path"));
582
583 // This is an unknown RCD, which shouldn't be uniqued out.
584 actual.AddPattern(
585 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.xyzzy/path"));
586 // But it should only occur once.
587 actual.AddPattern(
588 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.xyzzy/path"));
589
590 expected.push_back("www.foo.xyzzy");
591
592 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
593 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
594 }
595
596 {
597 SCOPED_TRACE("wildcards");
598
599 actual.AddPattern(
600 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com/*"));
601
602 expected.push_back("*.google.com");
603
604 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
605 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
606 }
607 }
608
609 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_ComIsBestRcd) {
610 scoped_ptr<ExtensionPermissionSet> perm_set;
611 std::set<ExtensionAPIPermission> empty_perms;
612 URLPatternSet actual;
613 actual.AddPattern(
614 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
615 actual.AddPattern(
616 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
617 actual.AddPattern(
618 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
619 actual.AddPattern(
620 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
621 actual.AddPattern(
622 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
623 actual.AddPattern(
624 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
625
626 std::vector<std::string> expected;
627 expected.push_back("www.foo.com");
628 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
629 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
630 }
631
632 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) {
633 scoped_ptr<ExtensionPermissionSet> perm_set;
634 std::set<ExtensionAPIPermission> empty_perms;
635 URLPatternSet actual;
636 actual.AddPattern(
637 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
638 actual.AddPattern(
639 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
640 actual.AddPattern(
641 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
642 actual.AddPattern(
643 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
644 actual.AddPattern(
645 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
646 // No http://www.foo.com/path
647
648 std::vector<std::string> expected;
649 expected.push_back("www.foo.net");
650 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
651 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
652 }
653
654 TEST(ExtensionPermissionSetTest,
655 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) {
656 scoped_ptr<ExtensionPermissionSet> perm_set;
657 std::set<ExtensionAPIPermission> empty_perms;
658 URLPatternSet actual;
659 actual.AddPattern(
660 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
661 actual.AddPattern(
662 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
663 actual.AddPattern(
664 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
665 // No http://www.foo.net/path
666 actual.AddPattern(
667 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
668 // No http://www.foo.com/path
669
670 std::vector<std::string> expected;
671 expected.push_back("www.foo.org");
672 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
673 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
674 }
675
676 TEST(ExtensionPermissionSetTest,
677 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) {
678 scoped_ptr<ExtensionPermissionSet> perm_set;
679 std::set<ExtensionAPIPermission> empty_perms;
680 URLPatternSet actual;
681 actual.AddPattern(
682 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
683 // No http://www.foo.org/path
684 actual.AddPattern(
685 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
686 // No http://www.foo.net/path
687 actual.AddPattern(
688 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
689 // No http://www.foo.com/path
690
691 std::vector<std::string> expected;
692 expected.push_back("www.foo.ca");
693 perm_set.reset(new ExtensionPermissionSet(false, empty_perms, actual));
694 CompareLists(expected, perm_set->GetDistinctHostsForDisplay());
695 }
696
697 TEST(ExtensionPermissionSetTest, HasLessHostPrivilegesThan) {
698 URLPatternSet list1;
699 URLPatternSet list2;
700 scoped_ptr<ExtensionPermissionSet> set1;
701 scoped_ptr<ExtensionPermissionSet> set2;
702 std::set<ExtensionAPIPermission> empty_perms;
703 list1.AddPattern(
704 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
705 list1.AddPattern(
706 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
707
708 // Test that the host order does not matter.
709 list2.AddPattern(
710 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
711 list2.AddPattern(
712 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
713
714 set1.reset(new ExtensionPermissionSet(false, empty_perms, list1));
715 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
716
717 EXPECT_FALSE(set1->HasLessHostPrivilegesThan(*set2));
718 EXPECT_FALSE(set2->HasLessHostPrivilegesThan(*set1));
719
720 // Test that paths are ignored.
721 list2.ClearPatterns();
722 list2.AddPattern(
723 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));
724 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
725 EXPECT_FALSE(set1->HasLessHostPrivilegesThan(*set2));
726 EXPECT_FALSE(set2->HasLessHostPrivilegesThan(*set1));
727
728 // Test that RCDs are ignored.
729 list2.ClearPatterns();
730 list2.AddPattern(
731 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));
732 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
733 EXPECT_FALSE(set1->HasLessHostPrivilegesThan(*set2));
734 EXPECT_FALSE(set2->HasLessHostPrivilegesThan(*set1));
735
736 // Test that subdomain wildcards are handled properly.
737 list2.ClearPatterns();
738 list2.AddPattern(
739 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*"));
740 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
741 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(*set2));
742 //TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337
743 //EXPECT_FALSE(set2->HasLessHostPrivilegesThan(*set1));
744
745 // Test that different domains count as different hosts.
746 list2.ClearPatterns();
747 list2.AddPattern(
748 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
749 list2.AddPattern(
750 URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));
751 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
752 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(*set2));
753 EXPECT_FALSE(set2->HasLessHostPrivilegesThan(*set1));
754
755 // Test that different subdomains count as different hosts.
756 list2.ClearPatterns();
757 list2.AddPattern(
758 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
759 set2.reset(new ExtensionPermissionSet(false, empty_perms, list2));
760 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(*set2));
761 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(*set1));
762 }
OLDNEW
« chrome/common/extensions/extension_permission_set.cc ('K') | « chrome/common/extensions/extension_permission_set.cc ('k') | chrome/common/extensions/extension_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698